Posted
by
timothy
on Friday September 13, 2013 @09:02PM
from the something-you'd-wish-was-hard-to-believe dept.

MikeatWired writes "It wasn't ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting's operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It's not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July. On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn't respond to inquiries from WIRED today. But FBI Supervisory Special Agent Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marque behind bars."

Nope, the NSA controlled the servers, it led to an NSA controlled IP address and they have the hackers needed. The BIG FAT LIE was that this block could be used by other agencies. Since potentially NSA broke the law for USA domestic Tor users, we have the FBI stepping forward to take the blame.

But we know its the NSA that tracks and monitors TOR because it was in their leaked document as one of their many excuses for surveillance:http://www.theguardian.com/world/interactive/2013/jun/20/exhibit-b-nsa-procedures-document

Also go read the first leaked warrant that let the NSA collect all the data (link below), it had the FBI's name on it. It was an FBI request to hand the data from Verizon's phone records to the NSA, a simple reacharound the domestic spying laws. The FBI acts as wing man for the NSA:

FBI doesn't have the experts, or the IP address or the interest in Tor, it was NSA and it was timed just as the NSA was trying to prevent further leaks from its own analysts. At best the FBI simply provides the excuse, as it did with the Verizon incident.

Nope, the NSA controlled the servers, it led to an NSA controlled IP address and they have the hackers needed.

Don't be ridiculous. The NSA hackers were probably laughing and pointing at the FBI and snickering about how they were amateurs. Remember the NSA has only gotten caught when they've been betrayed, not because their technical means were discovered.

Nope, the NSA controlled the servers, it led to an NSA controlled IP address and they have the hackers needed.

Don't be ridiculous. The NSA hackers were probably laughing and pointing at the FBI and snickering about how they were amateurs. Remember the NSA has only gotten caught when they've been betrayed, not because their technical means were discovered.

Uh... why would the FBI care about being caught? They are a domestic, (supposedly) civil police organization, while the NSA are military and international.

The FBI would be facing a US court or a non trivial extradition hearing. Real US lawyers and open foreign courts do like to see some evidence and some aspects surrounding a real warrant.
Would the NSA with its military and international background and constant Russian interest really like to hint at vast long term databases in court? Any FBI investigation could use it to make 'hidden' connections and get warrants? Sooner or later crime and countries under FBI watch would wonder about the near perfect dig

The FBI isn't "domestic". The only organizations with rules on operations are the CIA and military, who have rules against domestic operations. The FBI is the international investigations point for international kidnapping of US citizens. Though, in practice, that consists almost solely of representing one US citizen parent against another US citizen parent when one has fled the country with a child. International domestic disturbances is most of the FBI's international activity, but not the only intern

You seem to have forgotten that the FBI has to broken computer laws in 'other' countries. The mind boggles as this FBI agent turning up in a foreign court after breaking computer laws, claiming evidence obtained by hacking computers. The judge in that Irish court has to be the biggest lame duck in history. As soon as the FBI agent admitted what they did, the judge should have ordered the agent arrested and held for trial. The law is the law and US law is not law in Ireland and the FBI has zero right to break Ireland's computer laws. Any evidence obtained, well, might as well be fantasy father than fact as there is no way for a court to tell what was real and what was fabricated on an 'illegally' hacked computer.

When there is danger of infringing on the rights (which includes contracts) of innocent parties, law enforcement is, at the very least, required to use "narrowly tailored" means to effect their business.

They used pretty much the opposite of "narrowly tailored" means. They just took over the whole hosting company and surveilled ALL the users.

Definitely a no-no. Definitely illegal.

No reasonable person is in favor of child pornography. But law enforcement is not allowed to break the law in order to enforce the law.

Re technical means and what was Operation Fairplay back in ~2005~2008:
Senator: Let's monitor P2P for illegal files http://news.cnet.com/8301-10784_3-9920665-7.html [cnet.com]
"for purposes of longer-term tracking, the software captures "unique serial numbers" from the person's computer "
Tor seemed to be the next step or was on the list with irc and any other method of moving files?

TFA sez "The official IP allocation records maintained by the American Registry for Internet Numbers show the two Magneto-related IP addresses were part of a ghost block of eight addresses that have no organization listed. Those addresses trace no further than the Verizon Business data center in Ashburn, Virginia, 20 miles northwest of the Capital Beltway."

So it's not clear if those addresses belong to the FBI, the CIA, NSA, or anyone else.

Is this even "legal" on the Internet? Perhaps those IP addresses should be reclaimed and reassigned by ARIN since "nobody" is using them and IPV4 addresses are now in short (nonexistent) supply.

No, actually, you're wrong. You should be allowed to post any content you wish. In this case, though, you should be mentally equiped with the moral, ethical code that would tell you that child porn is wrong. Of course, that observation only moves itself along to yet another point.. That is the failing of society and culture to properly cultivate those skills. A conversation beyond the scope of/.

No, you're wrong as well. Focusing simply on the child porn in this case is basically ignoring the larger picture and the people who were NOT engaged in illegal activities in this matter. It becomes a far less trivial thing when innocent people are involved, especially since they moved to a system like Tor because they couldn't trust their own government, who just proved their lack of trust right.

Remember when we used to think that U.S. LEOs still had some sense of ethics and would never actually send child porn to anyone to make a case? Now we know that, at least for a while, the FBI was running the servers. The FBI was responsible for serving up, by all accounts, half the *.onion-based child porn sites in the world.

Is this the first time they crossed this line? Or have they done so before?

Let us not forget, they ran ALL of freedom hosting and brought down ALL of freedom hosting, even non pedo sites. What do you think would happen if they took over all of AWS because someone set up a child porn server?

But the law is wrong. It goes against my sense of fairness. If you wouldn't have broken the law, but for the cops encouraging and facilitating your lawbreaking, that's entrapment.

There were a lot of recent cases where undercover agents found somebody who couldn't change a tire, much less build a bomb, and set him up in a whole bomb plot, together with fake explosives. Cops are very manipulative, and they have a track record of finding people who are me

Remember when we used to think that U.S. LEOs still had some sense of ethics and would never actually send child porn to anyone to make a case? Now we know that, at least for a while, the FBI was running the servers. The FBI was responsible for serving up, by all accounts, half the *.onion-based child porn sites in the world.

Are you trying to claim that the FBI pushed child porn to people that weren't looking for it? Or are you complaining that they seized an existing child porn distribution network and ran a sting against people that came looking for it?

They seized a hosting service and then served child porn. You are presuming too much when you assume the porn was there before they seized it. It's also possible (or probable) that the FBI seized it, then uploaded to catch anyone who came looking for a Rhianna song.

Sorry not a sting, straight up breaking of computer laws by the FBI. I have ended up upon hundreds of thousands of internet pages I never intended to, some by misrepresentation on search results, some by redirects, some by stumble upon, some by other random web site selectors, some by bad web page adds, some by simple eye hand coordination between mouse pointer and mouse clicks (overall the worst has been re-directs, ending up going from one place to another without ever getting to the place intended until

Remember when we used to think that U.S. LEOs still had some sense of ethics and would never actually send child porn to anyone to make a case? Now we know that, at least for a while, the FBI was running the servers. The FBI was responsible for serving up, by all accounts, half the *.onion-based child porn sites in the world.

Is this the first time they crossed this line? Or have they done so before?

Yes, and they also browbeat poor and indigent people (sometimes a hundred times or more) into acts of "terrorism". And they do it within the environs of leftist political movements. Making the population unnecessarily afraid of death/dismemberment from otherwise peaceful political groups is terrorist activism in a class of its own.

It has long been a court approved policy that if the cops find a running server they don't have to take it down, they can keep the lights on and record all the people accessing it. As far as I know that has been the case since FTP servers in the 80s if not before. However, it's the first time I've heard of them serving trojans, that means actively breaking the law in all other countries of the world by compromising clients that aren't under US jurisdiction. In particular if this happened on sites that weren

*.onion sites do not work that way. They are hosted within the Tor network itself, and should never see an exit node. The only thing the server communicates with is localhost, on a port that Tor runs on. They are designed to protect the identity of the server operator, but are also useful in that they can get around almost any NAT bullshit going on. Anyway, the FBI would have to be actively running those servers that were serving child porn, so they don't get a pass with that excuse.

How is any of this remotely legal? Every day we have a new article explaining how the feds have been pounding our apparently imagined liberties in the goat ass, they get 300-500 comments (a lot for./ these days) and then nothing happens. I'm a healthy skeptic, but this is literally the paranoid conspiracy-theorist's worse nightmare incarnate. I'm flabbergasted. In all seriousness, do we need to just move to a different country at some point? Is this what the start of a pseudo-democracy looks like and we just can't believe the warning signs are real? Just crazy...

You can't win by moving to another country. As much as Germany got up in arms about the NSA spying on it, German intelligence agencies have also been found to be skirting their own laws regarding monitoring people. If you want to move you have to find a country that is:* Not part of UKUSA (knocking out United States, Canada, Australia, New Zealand, and the UK)* Not part of NATO (knocking from the list Albania, Belgium, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Turkey)* Not extremely friendly to or reliant on US intelligence assets (removing Japan, Thailand, the Philippines, Israel, and much of South America)* Not part of the former Soviet Union (even Ukraine is working closely with Moscow these days)* Not making a public point of monitoring its residents (China, India, and others)* Still reasonably democratic and not horribly corrupt (seriously, US corruption has nothing on most of the world)

The list gets very small at this point. You have Finland and Sweden, but they're not trivial places to move to weather-wise unless you've lived in, say, Alaska or Maine, and Sweden may have been working with the NSA and/or monitoring its residents. Switzerland is also a possibility. But these require some very significant personal choices, involve massive lifestyle changes, and may not be possible as even the short list of nations that do fit the bill don't make immigration easy.

Sweden cooperates closely with Five Eyes. Apparently, their intelligence service is out of control as well. Sorry, no links, but you can google it yourself. Incidentally, that brings a few incidents of the past into a new light, e.g., the raid on the pirate bay servers as well as the charges against Assange.

Your personal *dream* favorites. You wouldn't survive there more than a few weeks, bud. Because, as you said, "you will not be of interest" there (for instance, when you break a bone and need help, or food, or protection from bandits...)

These often require one to get involved in the very corruption that people decry within the US, only on a much more local scale. Many people in these areas must bribe their garbagemen to get regular service--when there are such services. Other than that, getting a government clerk to respond to a form within weeks or months often requires a bribe, getting the police to ignore you for something petty requires a bribe (and bribing them too low may result in much worse charges).

Is there any example of the FBI or NSA misusing any of the data they are supposed to collecting?

Yes, there is [reuters.com]. The Special Operations Division of the DEA used NSA intercepts to target people for arrest. "After an arrest was made, agents then pretended that their investigation began with the traffic stop, not with the SOD tip, the former agent said. The training document reviewed by Reuters refers to this process as 'parallel construction.'"

if you are concerned about the low number of people protesting or not protesting maybe you should consider that your opinion is not widely shared with the majority.

Based on the people I know, the lack of protests is actually because of two things:

1) They rely on mainstream media outlets for news, and those sources only cover government misbehavior on the late-night news (and then it's often to discredit the opposition), if at all -- they only hype the stuff that will bring them ratings in the short-term, which is primarily entertainment shows like Dancing With The Twats.

2) Most of the people that are aware of it at this point are demoralized and feel hopeless. The past decade has shown us that writing our representatives or peaceful 1-2 day protests will be ignored regardless of size (Iraq War protests), and the OWS protests showed that sit-ins/lie-ins or anything lasting over a day will be met with aggression & violence by police while politicians ignore it & the media discredits the protesters.

So what effective options do we have left? What can we do that will actually make a difference, and not merely result in our faces being pepper-sprayed or bashed in?

That person may be someone who was born in the United States, but is presently living elsewhere. I have no evidence to back up such a hypothesis, but I am noting the possibility.

I have several friends who have left U.S. soil over the last five years without any intention of returning. I am still here, and I still dearly love what my nation is supposed to stand for. Unfortunately, reality is moving farther and farther from that ideal, all in the name of supposedly protecting the very freedoms that are being

Uhh... given that he who was the gold makes the rules, if there was a court order allowing it, or a clause in some law allowing it, it was authorized, just not by the owners of the computers.

Sorry, but I'm failing to follow your point here. Since when is an electronic device a waiver to standard privacy and due process?

Perhaps if the FBI were trying to break into my car I would understand this analogy better, but my point still stands. A "computer" is not automatic grounds for illegal wiretaps (and when I use the term "illegal", I'm referring to my Constitutionally protected Rights, not some secret court horseshit that "authorized" a waiver around said Rights, which remains illegal no matter who granted it.)

If there's a court order behind this, it's less problematic in my mind. Not all court orders are publicized even by normal courts; search warrants aren't provided to the targets to challenge before execution precisely so they can't hide or destroy evidence.

The problem I have with this operation is that it was conducted on servers located in France, which means that either French law enforcement was also involved (very possible) or the FBI is hacking servers across international boundaries. That puts at risk any agents involved as they could be tried under French law for such trespass, though given that it was to deal with child pornography, the political result is that it probably wouldn't result in much more than a warning.

The presidents of European nations all heal to the same masters as ours. Seen a NYTimes photo of Turkeys elected leader. Same suit, same tie, same generic lapel pin, on the same side. They are uniformed soldiers doing their duty. If there's any outrage from a local or lower government official it will just be to placate the masses, save face, the end of said officials careers. Might as well be clones IMO.

Dude, it's 2013, not 2003. France are the US's new best chums now, because they were going to help with the planned strikes in Syria. In fact, John Kerry referred to France as their "oldest ally" [telegraph.co.uk] in a manner widely interpreted as a snub to the UK, whose parliament had voted against taking part (although the Prime Minister had been in favour).

Of course, we've been here before with the positions reversed- we all remember when the UK went along with the Iraq war and France were against, how pathetically childish Bush was towards France and how he publicly flattered the UK and Tony Blair as the US's closest ally and best chum. Of course, Blair being an egotistical ***** continued sucking up to the US in the belief that this would buy further influence over them long after it was obvious to anyone that the US only did what it would have done anyway (and admitted as much in private). I commented on this circa 2007 [slashdot.org] and also noted that- even though Bush was still in power then- France (and Germany's) defiance of the US earlier in the decade had not resulted in any long term damage to their relationship with them, just as the UK had not gained any substantial influence with its sucking up.

In short, even if one is an amoral realpolitician (realpolitikian?!), it shows that public sucking-up to- and being publicly flattered as a junior partner by- the US buys little substantial long-term influence, and isn't worth worrying about as much as paranoid-about-losing-global-power British leaders like to think.

Now you touch the point the FBI relies on... Yell childporn and most people shy away. Defending rights and such is nice and well, but who want to be seen as defending childporn. And so people happily ignore the rights of other users being ignored. It works equally well with terrorism. The RIAA screaming how illegal downloading supports terrorists. By now any bittorrent traffic is seen as something illegal.

And now they can serve gigabytes of child porn to pedophiles, then serve malware to practically everyone who uses Tor, pedo or not, and even stupid fascists who love to ramble on about justice and other shit to justify practically everything will still defend them.

Maybe next they can sell crack too schoolchildren in an attempt to find the crackheads who steal it from them.

Actually you'd need to turn scripts on in tor, and use it outside of tor too. Two things you are never suppose to do with tor. In fact, it's a security problem that the tor browser pack even allows either of those things to be turned on at all. It ended up serving malware to pretty much nobody, I'd figure. I don't know how stupid the average tor user is.

First they came for the pedophiles on Freedom Hosting, and I said nothing because pedophiles are scum.

Then they came for the drug dealers on Silk Road, and I said nothing because drug dealers are scum too.

Then they came for the leakers on {Wiki|Live|you pick one}Leaks, and I said nothing because I don't have time to read that stuff anyway.

Then they passed a law against using privacy tools such as Tor, Mixmaster, proxies, and crypto, because terrorists 9/11 OMG, and I said nothing because I have nothing to hide.

Then I tried to fly to my Dad's funeral and found out that I'm on the no-fly list. I still am. No one will tell me why, and there's nothing I can do to change it.

Then the police broke down my door because I had set up my wireless router wrong and someone had done something illegal over my connection, and it took me three years to get the charges dropped, and I lost my job and had to file bankruptcy, and I never did get my computer back. And what happened to the government agents who had wrongly prosecuted me? Nothing whatsoever. And what compensation did I get? The court ruled that the government had not violated its rules and therefore I was not owed anything. Have a nice day.

Then the police broke down my door because I had set up my wireless router wrong and someone had done something illegal over my connection, and it took me three years to get the charges dropped, and I lost my job and had to file bankruptcy, and I never did get my computer back. And what happened to the government agents who had wrongly prosecuted me? Nothing whatsoever. And what compensation did I get? The court ruled that the government had not violated its rules and therefore I was not owed anything. Have a nice day.

Ah, yes....

Remember all those long-ago Slashdot discussions with one side shouting "Tin-foil hat!" every time possible chilling effects like this were postulated?

Dude, your ID shows that you signed up not much longer after I did (in an era when we told ourselves the old baddies--those twisted, ruthless peronality types--couldn't possibly exist in our groovy postmodern times.

--now--

--here we are!

You're probably on that list for being an opinionated online malcontent.

If you blame drug dealers for messing up your brother's life, you also have to blame bartenders for all the alcoholism, convenience store clerks for all the smoking related deaths, farmers for the obesity epidemic, etc, etc, etc. Or you could just admit that your brother made his own choices and it's no one's fault but his own.

They have rights because the best of us and the worst of us share these rights. The powers-that-be want to nibble away at rights of the seemingly most deserving parts of the community, but we'll ALL suffer if these rights cease being universal. As someone else here quoted : "The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H. L. Mencken

Actually, reading more carefully perhaps one could argue they did. I don't think that was the meaning, but if it was I guess they'd be saying "all men have the freedom to be good or evil, unless they don't in which case they are not free". I wouldn't agree - it sounds libertarian to me, and I'm not of that flavour and believe that some impingements on freedom given human failings are warranted. In the tradeoff between dangers, however, an out-of-control secret service is FAR more terrible than even a ped

I accuse you of being a pedophile. By your own admission, you now have NO rights what so ever, as pedophiles don't have the right to rape children, which I claim you did.

I have a secret court order that I can't show you, and you can't even tell anyone about under penalty of death.You'll just have to trust me on that one (Clearly not a problem for one such as yourself who admits people such as yourself have no rights)

Now you have just given me the right to murder you, I mean "kill you" as you put it. (Murder is the crime, killing is when its legal like this)

If you resist, I can rely on the fact you have no rights due to being called a pedophile that rapes children, which you have no right to do, and you make no distinction based on if you have actually done it or not so thankfully that detail doesn't matter.

If you DON'T resist, I can also kill you, since the secret court order I can't show you says I can, despite the fact you can't even verify that as truth.

Lastly, not only are you dead, but due to your opinions on the law, literally anyone can kill anyone else using the same rules you setup justifying your own murder.

That's right, they do. They have the same rights as the rest of us, including the right to a speedy, fair, trial by jury, and the right to remain silent. What they don't have is the right to murder, molest children, and to rape. I don't know how people don't get that.

"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H. L. Mencken

That's a common argument that is told to conservatives to convince them that the ACLU is an evil liberal organization who should be hated. It was, as you point out, originally created to defend Communists from unconstitutional harassment, but that had a lot to do with the fact that Communists and people with communist ideas were unconstitutionally targeted by the US government from about 1880 until about 1990.

I know what you mean. I think we can fairly criticize them for not taking their unlimited temporal, manpower, and financial resources and failing to defend every wrong. Whomever came up with the idea that you have to pick your battles clearly was a scoundrel!

"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H. L. Mencken

Yes, that is the implication. If they take away your right to speech by targeting the pedos first, then yes. It's your rights that are gone, and if you don't speak up for the social democrats or gypsies, there won't be anyone left to speak up when they come for you.

That saying was just a re-telling of "All it takes for evil to triumph is for good men to do nothing."

It looks like you need to learn about context as well. The phrase "Nobody is suggesting that people "stand up" for the rights of pedophiles and drug dealers to be pedophiles and drug dealers." refers to nobody in this thread. It isn't a claim that there are no such people on the planet.

"No, I think that due process must be followed."

It must have been the line "are you suggesting that people "stand up" for pedophiles and drug dealers?" that confused me. For some reason I thought that meant that they don't

So the FBI had a treasure trove of evidence that would lead to the prevention of actual children being abused, and instead of tracking down all those leads they decided to prosecute the people who provided them that treasure trove.

There. FTFY.

Were I director of the FBI, I'd be obtaining warrants based on this info left and right. That would be perfectly legitimate; but NooooO. They have to go after the network instead. Why? Is it possible that they actually depend on pedos? Kinda like the DEA--make drugs a public health issue rather than a law enforcement issue, and they're out of a job. Get the actual kiddie porn producers off the street, and a lot of FBI agents might be out of jobs too.

You joke about that but the county next to mine just had the sheriff arrested for that very thing. He would find his opponents or others who made him angry, arrest them for child porn, plant the child porn, and then splash their name all over the news to ruin their reputation. He finally got caught when he arrested the wrong person. This guy called the FBI and the County District Attorney, who both pressed charges against him. I think the total charge count is around 30 felony counts of evidence tampering, witness tampering, intimidation, and other corruption issues. This stuff is too good to be made up sometimes.

However although there are charges essentially relating to misuse of police resources and abuse of his position. There are no charges relating to planting of evidence with regards to the 2 cases of child porn and cannabis where the defendants were cleared. However if there were such charges then you would have to assume that any cases brought by his department may be tainted and that is a massive can of worms to open.

Corrupt sheriffs and cops getting busted for planting evidence against political opponents is all-too-common where I'm from in the South. I can think of dozens of cases just off the top of my head. It's almosr a shock here to encounter cops who AREN'T corrupt.

The bank account in Las Vegas means that he was paying for (and perhaps profiting from) the servers. That provides US jurisdiction no matter where the data was being stored. The same thing happens around the world: if part of an action happens within a given country and it's illegal in that country, jurisdiction applies. They may have to work through extradition, but in this case, France may also look to get a piece of him, especially if he's not convicted in the US. France may then go through extradition to get him into their courts for storing child porn on French soil.